<?php
	session_start();
	
	$host="localhost"; // Host name 
	$username="root"; // Mysql username 
	$password=""; // Mysql password 
	$db_name="nlp"; // Database name 
	$tbl_name="utterances"; // Table name

	// Connect to server and select databse.
	mysql_connect("$host", "$username", "$password") or die("cannot connect"); 
	mysql_select_db("$db_name") or die("cannot select DB");

	// username and password sent from form 
	$myusername=$_SESSION['username']; 
	$myfilename=$_POST['filename'];
	$myquestion=$_POST['question'];

	// To protect MySQL injection (more detail about MySQL injection)
	$myusername = stripslashes($myusername);
	$myfilename = stripslashes($myfilename);
	$myquestion = stripslashes($myquestion);
	$myusername = mysql_real_escape_string($myusername);
	$myfilename = mysql_real_escape_string($myfilename);
	$myquestion = mysql_real_escape_string($myquestion);

	$sql="INSERT INTO $tbl_name(username, question, filename) VALUES('$myusername', '$myquestion', '$myfilename')";
	$result=mysql_query($sql) or die(mysql_error());
?>